I am facing an issue creating an SSL certificate

I am trying to create a new SSL certificate for one of my websites using Let's Encrypt, but I am getting an error.

Error : Fetching http://workbook.benefitscliffs.org/.well-known/acme-challenge/n1tOlCgj-Kqvodgso1biDbYZPINglGM77irk-Wm0sfg: Connection refused

So my traffic is going to the ALB using the HTTP protocol, but my load balancer listens only on 443.

So how should I verify my acme-challenge?

Can anyone help me with this?

Thank You

1 Like

Then you need to fix that. Best practice is to listen on port 80 anyway, and when obtaining certs from Let's Encrypt using HTTP validation, your site must respond on port 80. It can redirect from there to 443 if desired, but it must respond on port 80.

4 Likes
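An added example, not part of the thread: a preflight check for the port-80 requirement described in the reply above. It drops a random probe file under `.well-known/acme-challenge/` in the webroot and fetches it over plain HTTP, so a closed port 80 shows up as the same "Connection refused" before any certificate request is made. The function name, status strings and command-line arguments are this example's own.

```python
import os
import secrets
import urllib.error
import urllib.request

CHALLENGE_DIR = ".well-known/acme-challenge"

def preflight_http01(host, webroot, port=80, timeout=5):
    """Write a random probe into the webroot and fetch it over HTTP.

    Returns (status, detail). Run it on the origin server that owns `webroot`.
    """
    token = secrets.token_urlsafe(32)
    body = secrets.token_urlsafe(32)
    challenge_path = os.path.join(webroot, CHALLENGE_DIR)
    os.makedirs(challenge_path, exist_ok=True)
    probe = os.path.join(challenge_path, token)
    with open(probe, "w") as f:
        f.write(body)
    url = f"http://{host}:{port}/{CHALLENGE_DIR}/{token}"
    # Bypass any local proxy: the CA's validator connects to the host directly.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    try:
        # urllib follows redirects (for example 80 -> 443) like a normal client.
        with opener.open(url, timeout=timeout) as resp:
            got = resp.read(1024).decode("ascii", "replace").strip()
            if got == body:
                return ("ok", resp.geturl())
            # A 200 with other content usually means a catch-all page answered.
            return ("wrong-content", resp.geturl())
    except urllib.error.HTTPError as e:
        return ("http-error", str(e.code))
    except OSError as e:
        reason = getattr(e, "reason", e)
        if isinstance(reason, ConnectionRefusedError):
            # Nothing is listening on this port: the error from the question.
            return ("connection-refused", f"{host}:{port}")
        return ("unreachable", str(reason))
    finally:
        os.remove(probe)

if __name__ == "__main__":
    import sys
    # Usage: python preflight.py <hostname> <webroot>
    print(preflight_http01(sys.argv[1], sys.argv[2]))
```

A result of `ok` only shows that the path is reachable from where the script runs; the validation request itself arrives from the public internet, so the port-80 listener must be open to it as well.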

Your ALB looks to be using a cert from Sectigo which is missing the intermediate chain. So, you need to fix that if you were not already aware.

The problem you describe looks like you are trying to get a cert for HTTPS between your origin server and the ALB.

Instead of trying to get the HTTP Challenge through the LB to your origin, you could use the DNS Challenge instead. See these topics for details.

If your DNS provider is not supported by Certbot, you could consider using the acme.sh ACME Client (see it on GitHub).

https://eff-certbot.readthedocs.io/en/stable/using.html#third-party-plugins

3 Likes
